add version #1
Open
add version #1
GitHub Advanced Security / SonarCloudStaging
succeeded
Oct 25, 2022 in 2s
12 fixes
Fixed alerts
- I/O function calls should not be vulnerable to path injection attacks (fixtures/devtools/scheduling-profiler/run.js:50)
- Dynamic code execution should not be vulnerable to injection attacks (fixtures/dom/public/renderer.js:142)
- Origins should be verified during cross-origin communications (fixtures/dom/src/components/fixtures/hydration/index.js:63)
- Origins should be verified during cross-origin communications (fixtures/dom/public/renderer.js:198)
- Origins should be verified during cross-origin communications (fixtures/dom/public/renderer.js:184)
- Origins should be verified during cross-origin communications (packages/react-devtools-extensions/src/backend.js:54)
- Origins should be verified during cross-origin communications (packages/react-devtools-extensions/src/backend.js:22)
- Origins should be verified during cross-origin communications (packages/react-devtools-extensions/src/contentScript.js:64)
- Origins should be verified during cross-origin communications (packages/react-devtools-extensions/src/contentScript.js:45)
- Origins should be verified during cross-origin communications (packages/react-devtools-extensions/src/contentScript.js:19)
- Origins should be verified during cross-origin communications (packages/react-devtools-extensions/src/contentScript.js:9)
- Origins should be verified during cross-origin communications (packages/react-devtools-shared/src/registerDevToolsEventLogger.js:22)
Analyses
Code scanning compared refs/heads/main with refs/pull/1/head (commit 86f643a).
| Category | Base branch | Pull request |
|---|---|---|
| ✔️ Found for feced98 | ✔️ Found for 86f643a |
Loading